package com.hptpd.questionnairesurvey.component.interceptor;

import com.hptpd.questionnairesurvey.utils.StringUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @author 彭诗杰
 * @createTime 2020-02-14 12:22
 * @description 处理安全拦截器
 */
@Component
@Slf4j
public class SecurityInterceptor implements HandlerInterceptor {

    public static final String HEADER_FORWARD = "X-Forwarded-For";

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        log.debug("the header of the request forward is: [{}]", request.getHeader(HEADER_FORWARD));
        if (!StringUtil.isEmpty(request.getHeader(HEADER_FORWARD)) &&
                "127.0.0.1".equals(request.getHeader(HEADER_FORWARD))) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return false;
        }
        return true;
    }
}
